lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20030612031925.GV5271@alcor.net> From: debian-security-announce at lists.debian.org (debian-security-announce@...ts.debian.org) Subject: [SECURITY] [DSA-317-1] New cupsys packages fix denial of service -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 317-1 security@...ian.org http://www.debian.org/security/ Matt Zimmerman June 11th, 2003 http://www.debian.org/security/faq - -------------------------------------------------------------------------- Package : cupsys Vulnerability : denial of service Problem-Type : remote Debian-specific: no CVE Id : CAN-2003-0195 The CUPS print server in Debian is vulnerable to a denial of service when an HTTP request is received without being properly terminated. For the stable distribution (woody) this problem has been fixed in version 1.1.14-5. For the old stable distribution (potato) this problem has been fixed in version 1.0.4-12.2. For the unstable distribution (sid) these problems are fixed in version 1.1.19final-1. We recommend that you update your cupsys package. Upgrade Instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 2.2 alias potato - --------------------------------- Source archives: http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4-12.2.dsc Size/MD5 checksum: 655 62f4187f7688d12d1cb2dc8f3ceddcb4 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4-12.2.diff.gz Size/MD5 checksum: 32179 70555e86da9e760ae56aab28ae90c6d5 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4.orig.tar.gz Size/MD5 checksum: 3147998 d753d8b3c2506a9b97bf4f22ca53f38b Alpha architecture: http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4-12.2_alpha.deb Size/MD5 checksum: 2437792 68586395d797a4e61722767cef136a37 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.0.4-12.2_alpha.deb Size/MD5 checksum: 18086 6e9493d7a8fa81d23a6a1f5ede22a202 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1_1.0.4-12.2_alpha.deb Size/MD5 checksum: 88128 d17fc2e76871efee28cfcdc3fa613ef7 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1-dev_1.0.4-12.2_alpha.deb Size/MD5 checksum: 118130 01a41f44933ac8a6515b034be8fe15dd ARM architecture: http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4-12.2_arm.deb Size/MD5 checksum: 2336828 7dcec02babb951364408797a55e4da54 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.0.4-12.2_arm.deb Size/MD5 checksum: 17248 53ec17c74322643e8fef2365bfdbc5ea http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1_1.0.4-12.2_arm.deb Size/MD5 checksum: 65418 9bd20224686a76d0718d611817520e1d http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1-dev_1.0.4-12.2_arm.deb Size/MD5 checksum: 92906 2b26c2727fa1d17c7f20c8302224e900 Intel IA-32 architecture: http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4-12.2_i386.deb Size/MD5 checksum: 2296854 5604e4ef5b8f5745b24e928572f4ea00 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.0.4-12.2_i386.deb Size/MD5 checksum: 16834 80f1e31bb576a747171ceee897a08395 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1_1.0.4-12.2_i386.deb Size/MD5 checksum: 65090 1b7eb1299370c942369c007ca88a4a19 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1-dev_1.0.4-12.2_i386.deb Size/MD5 checksum: 83476 257fd71bba53040177c67d0acc4af963 Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4-12.2_m68k.deb Size/MD5 checksum: 2245650 a539f8c6bca41313c3bcafcade951e92 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.0.4-12.2_m68k.deb Size/MD5 checksum: 16222 9de04da1ae83802aeb176ac768547b44 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1_1.0.4-12.2_m68k.deb Size/MD5 checksum: 60304 5b7af092247d34a55ed31de79727d861 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1-dev_1.0.4-12.2_m68k.deb Size/MD5 checksum: 76378 b4c2cb0c1d44881398da9edca2179246 PowerPC architecture: http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4-12.2_powerpc.deb Size/MD5 checksum: 2331472 d6b315e38ba84bcc85b9a46b3a15ac23 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.0.4-12.2_powerpc.deb Size/MD5 checksum: 16624 897f83ebf718f6f83fc2f39598b0db5c http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1_1.0.4-12.2_powerpc.deb Size/MD5 checksum: 68590 04ffc914f4f6da8e9e295be7a5d2b717 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1-dev_1.0.4-12.2_powerpc.deb Size/MD5 checksum: 89904 c5ebfeeda1bfceb42f6f12eb15038c56 Sun Sparc architecture: http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.0.4-12.2_sparc.deb Size/MD5 checksum: 2349170 fe795cb085fc8210aa53b4f83d3f8303 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.0.4-12.2_sparc.deb Size/MD5 checksum: 16860 6ff9f5d5967097196900a19599352e69 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1_1.0.4-12.2_sparc.deb Size/MD5 checksum: 71574 edf96b9318e8d49254ae6ad3d78a89e5 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys1-dev_1.0.4-12.2_sparc.deb Size/MD5 checksum: 89630 03b72fddbe710bca0a74a34a0461ae2c Debian GNU/Linux 3.0 alias woody - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5.dsc Size/MD5 checksum: 698 d8e9f0cbef70faa7a8f977da6e3fbd93 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5.diff.gz Size/MD5 checksum: 37098 4cd82a8a1616de6ae7b2fc3d646ed8fe http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14.orig.tar.gz Size/MD5 checksum: 6150756 0dfa41f29fa73e7744903b2471d2ca2f Alpha architecture: http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5_alpha.deb Size/MD5 checksum: 1899134 dcb4b6347d0b476dae89be122b39e2eb http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5_alpha.deb Size/MD5 checksum: 73962 0b4b8df7cbbff8ffc5257bc1a517c179 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5_alpha.deb Size/MD5 checksum: 92600 3aea4a863525bd32cc5dfc302de54121 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5_alpha.deb Size/MD5 checksum: 2445454 f21eeeda531ea8161c224036fc9879b0 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5_alpha.deb Size/MD5 checksum: 137630 54f0a920320e84654c4f4e5f4081eaa6 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5_alpha.deb Size/MD5 checksum: 180558 1226c233b2e7a9112a5ba8b650008071 ARM architecture: http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5_arm.deb Size/MD5 checksum: 1821286 58e362b98239e909ae33428d5171443a http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5_arm.deb Size/MD5 checksum: 68108 f4f3f92b9d79dab00940a5a6758d5406 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5_arm.deb Size/MD5 checksum: 85296 671027bcdef6f2dd3fbafc88f2b7f0b0 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5_arm.deb Size/MD5 checksum: 2345502 2660201c3a1c0a3381dea45829f2d029 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5_arm.deb Size/MD5 checksum: 112622 4084c872746fd9fc7b32994285bb4a1a http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5_arm.deb Size/MD5 checksum: 150036 74969c5e6cb230fd01840ec8d9cfb1c3 Intel IA-32 architecture: http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5_i386.deb Size/MD5 checksum: 1787996 3e7950c3c56e0daf070d1ffc68abd728 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5_i386.deb Size/MD5 checksum: 67638 418c11ff1b4afe09fe5444bebcb28ce6 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5_i386.deb Size/MD5 checksum: 83808 c0567c005914ae32aff65b8314a1412f http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5_i386.deb Size/MD5 checksum: 2311616 482948c4d0f856529c53f19f81c2808c http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5_i386.deb Size/MD5 checksum: 110654 f9ecb4934ee098f2ffa9f4939effb328 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5_i386.deb Size/MD5 checksum: 136264 1f12c18e24db07e1899e41450bb5dd11 Intel IA-64 architecture: http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5_ia64.deb Size/MD5 checksum: 2007428 2e71050b2af16539bac04dcd2a494467 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5_ia64.deb Size/MD5 checksum: 77024 3a240e09125e4760a11fc9ec0a717639 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5_ia64.deb Size/MD5 checksum: 96766 0190898c7cd23b3cd2395f581d04a667 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5_ia64.deb Size/MD5 checksum: 2656402 e4a973aa88b3fb786cf22e512efa2072 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5_ia64.deb Size/MD5 checksum: 155600 d6a1a3ab8a2da0ae7eeea6c708402029 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5_ia64.deb Size/MD5 checksum: 182558 b814b6d43cb8cf470a2b5710a136dcfd HP Precision architecture: http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5_hppa.deb Size/MD5 checksum: 1881126 63a68e019a11aac8d40d52f9ff83967e http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5_hppa.deb Size/MD5 checksum: 70430 1ede64635341a55b36b60f71500e9a67 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5_hppa.deb Size/MD5 checksum: 89442 a494f46a9556ddbc4b45b374d8e51d5d http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5_hppa.deb Size/MD5 checksum: 2455688 f3dd321dba6d2ea35c435c37e7c6b928 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5_hppa.deb Size/MD5 checksum: 126252 3e16e6b53bf6479d7b0fe0f337352d26 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5_hppa.deb Size/MD5 checksum: 159180 fc4939ad20629d5590724418962f19e2 Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5_m68k.deb Size/MD5 checksum: 1754486 93070aee659899fd16e9dc3d2a216a93 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5_m68k.deb Size/MD5 checksum: 65898 01b904f8e17cade65565b63c642f9cf7 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5_m68k.deb Size/MD5 checksum: 81000 b625a07a4d0d741d84759d81d68b300e http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5_m68k.deb Size/MD5 checksum: 2261028 856feb8179b788e523e6a6c88afce6c0 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5_m68k.deb Size/MD5 checksum: 105858 24a37f8e18b52b88e22d18302d3d1735 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5_m68k.deb Size/MD5 checksum: 128416 019a003fa1de011154d9b5601c0a1931 Big endian MIPS architecture: http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5_mips.deb Size/MD5 checksum: 1810972 e9d1421939f0b93cd95b1d505f302812 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5_mips.deb Size/MD5 checksum: 67538 c90ecd70fb8c4eae02fa55732bb8ff45 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5_mips.deb Size/MD5 checksum: 80958 8aa3c567755d5db530a985eecdbea256 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5_mips.deb Size/MD5 checksum: 2404286 459e9627c908bd5540cfd6ea0419cc3a http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5_mips.deb Size/MD5 checksum: 112404 645a755f5089ee5c64b61a0e4f71919e http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5_mips.deb Size/MD5 checksum: 150828 470fed7157c61c8c04664db4c4b4d935 Little endian MIPS architecture: http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5_mipsel.deb Size/MD5 checksum: 1811562 103cfa02aae226a094070d5f3ac5d3d0 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5_mipsel.deb Size/MD5 checksum: 67514 4f1a4cbc9412c36b7281846067c81262 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5_mipsel.deb Size/MD5 checksum: 80984 73090253e9044914fcc54b825fbc2b11 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5_mipsel.deb Size/MD5 checksum: 2406572 108f891a2fe177f0e1c84ca44d63ece3 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5_mipsel.deb Size/MD5 checksum: 112176 aeeb8a7cf8334afcf06b945bfcdf3c55 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5_mipsel.deb Size/MD5 checksum: 150646 271adca793dc88c1638b3678e5b2fa56 PowerPC architecture: http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5_powerpc.deb Size/MD5 checksum: 1799960 ddc40dda5fc8e316e405d114ee14c082 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5_powerpc.deb Size/MD5 checksum: 67534 bf87487701aa0c8fd11bf455bf972bf2 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5_powerpc.deb Size/MD5 checksum: 83094 88d8483159207532e16471ced0bfad0a http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5_powerpc.deb Size/MD5 checksum: 2359434 e6cc4e0e75c8e18a44c28d0b4a8db6f7 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5_powerpc.deb Size/MD5 checksum: 116408 2c7504ff43f285569ba0cfd0cfbc87e2 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5_powerpc.deb Size/MD5 checksum: 144854 3efab73d39f75627c0231bee2af525e4 IBM S/390 architecture: http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5_s390.deb Size/MD5 checksum: 1795366 e0130999dea734e7b53e4c30fe3a57fb http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5_s390.deb Size/MD5 checksum: 68910 7f09597ee481040851d8f4b702909d5c http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5_s390.deb Size/MD5 checksum: 85650 33da3795e9786cf0ecd6ec817a8906ce http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5_s390.deb Size/MD5 checksum: 2337264 929b9bf3cef6c7c6af959811f440e908 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5_s390.deb Size/MD5 checksum: 114946 0b44773caea7c1b039e1b920a2ab5723 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5_s390.deb Size/MD5 checksum: 140476 aceabfac589cd5bf64d919ea798342d1 Sun Sparc architecture: http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5_sparc.deb Size/MD5 checksum: 1844758 1e973cbe93dd47a1169efc3c371f6adb http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5_sparc.deb Size/MD5 checksum: 70478 0d7ba3b1a0a389454f3873c32a25c6b8 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5_sparc.deb Size/MD5 checksum: 83914 54f609e6d9972c9b5d069bd3a4387ba1 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5_sparc.deb Size/MD5 checksum: 2354314 aa4a299d98fc23d4e1850f3b6c55ec9a http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5_sparc.deb Size/MD5 checksum: 120092 a45b72479880f579f5f1d5f148ba87a3 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5_sparc.deb Size/MD5 checksum: 146370 8ebc656faec1d66166b2e88831896610 These files will probably be moved into the stable distribution on its next revision. - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@...ts.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQE+5/EmArxCt0PiXR4RAlVFAKC8Rf+TwmWJ330+PKCn4N3+2GHmegCfXF2D A3Wu+b+qM1kdRctJzMTRQMA= =I4f0 -----END PGP SIGNATURE-----